IT Ethics Assignment: Case Analysis Of Rogue Services

Question

Task:
Case Study
Rogue Services advertised its web hosting services as “cheap, guaranteed uptime, no matter what.” While some of Rogue’s clients were independent web-based retailers, the majority were focused on malware and spam. Several botnets used Rogue’s reliability guarantees to protect their command-and-control servers from take-down attempts. Spam and other fraudulent services leveraged Rogue for continuous delivery. Corrupted ads often linked to code hosted on Rogue to exploit browser vulnerabilities to infect machines with ransom ware.

Despite repeated requests from major ISPs and international organizations, Rogue refused to intervene with their services, citing their “no matter what” pledge to their customers.

Ultimately, Rogue was forcibly taken offline through a coordinated effort from multiple security vendors working with several government organizations. This effort consisted of a targeted worm that spread through Rogue’s network. This denial-of-service attack successfully took Rogue’s machines offline, destroying much of the data stored with the ISP in the process. All of Rogue’s clients were affected. No other ISPs reported any impact from the worm, as it included mechanisms to limit its spread.

Instructions to prepare IT Ethics Assignment:

• Analyze the actions of Rogue’s clients and multiple security vendors from the perspective of the Australian Computer Society (ACS) Code of Ethics.
• Make a recommendation on the basis of your analysis providing reasons for this recommendation.

Answer

Introduction
The Australian Computer Society is an amalgamation of communication and information technology; it has more than 50,000 registered member all around Australia. According to the founding guidelines of ACS, its main aim is to provide technical expertise and advancement in I.T sector of Australia and increase the technological resources. The ACS was founded on 1st January in 1966.The ACS is also a member of the Australian Council of Professions (Broadhurst, 2017). Besides this, another technical aspect like malware, ransomware, spam, and botnets is how these things affect or disrupt and sometimes even breach privacy by getting into an individual, computers without his/her knowledge. The report will discuss the various strategies and precautions, and safety measures to mitigate this harmful malware.

Australia's cybersecurity mainly takes pride itself in writing extensive private sector consultation, and its primary aim is to enhance the level of synergy and partnerships among various government bodies and industry. Aust Cyber, Australian cybersecurity provide was established in this scope. The institution also aims to provide a continuation link among industry and various government bodies as a part of its national cyber policy.

Actions of Rogue’s Client towards Cyberthreat
Spam
Unwanted emails or spam contains a primary vector mainly for disseminating malware, and emails are the most common ways of communication from the Internet (Fowler et al., 2017). Spam probably contains only carry good advertising, but it is also a vector for much cheating or trickster kind of schemes or scams that primarily uses electronic communication method.

The dangers of manipulating and fraudulent emails with malware help are way beyond the damages of commercial hampers and personal theft (Ladewig,2018). These may include forcible intrusion with confidential access of the databank, which poses a severe threat to the associated partners. This malware also tries to hampers computers through trojans, and the virus of massive malware flows of spam can disrupt the legitimate continuous flow of traffic. Hackers may use deceptive social engineering and individually selected methods to lure victims into opening mail attachments to direct them to compromised websites.

An organisation called Scam watch of fraud alarming body received 30,293 phishing related reports in 2017,40% were mail-related, 43% via phone, 25% by texts and 3.5% through mobile and other internet sources. Non-traceable Bulk mail is prevented worldwide by all the Internet Service Providers (ISPs). These operators were mainly operated from countries where there are non-spam laws; thus, they could not be prosecuted.

Malware
There are various thefts and cyber-attacks like malware and spyware, phishing and trojan, which act as intruders.

Ransomware
According to the argument of Broadhurst (2017), ransomware is also a kind of theft and kind of infection; if somehow it gets infected, it then becomes difficult to get rid of it. It infected all the critical data file and systems in an individual's computer system. A ransom is demanded to pay ransom for particular files; then, an individual will get those files. It becomes difficult that the files to been hijacked.

Botnets
As opined by Rajaretnam (2017), a botnet is another kind of malware that infected a system to execute commands under the hacker's proper control. There are widespread botnet actions: spam email, DDoS attacks, Breach of finances, and Intrusions targeted.

Trojan
The trojan is another kind of malware that is then disguised as genuine software. Cybercriminals or hackers mainly employ Trojans intending to gain access to individuals' systems. User is mainly tricked by social engineering in the execution and loading of trojans in targeted consumers systems (Mikolic-Torreira et al., 2017) When it gets activated, it helps various crispy, steal, steal vital I, and gain access back door backdoor of one's system. These include – data deleting, blocking of data, data modifying, copying data and finally affecting computers' performance.

ISPs
It is a company that mainly provides services to connect the Internet and services to many individuals and companies. The system of ISPs they all are connected, linked with each other through network points and provides an internet backbone. There are various corrupted advertisements linked to Rogue's code to exploit browsers vulnerability to infest machines, mainly through ransomware.

Rogues Viewpoint
Rogue services in Australia claim its web hosting services offer excellent system reliability, less expensive regardless of. While some of the Rogues consumers mainly free web-based retailers, most of them focus on malware and spam (Molnar, Parsons, & Zouave,2017). Several malicious botnets and other malicious hacker use full-fledged Rogues reliability to fulfil their ulterior motive to trap individuals, acting as a shield to pull them down after. Very malicious services continued to support Rogues for keeping malicious sites safe and protective from being hunted down by law agency in Australia.

As a result, various web servers getting compromised and which mainly used to host forbidden material without awareness of site owners (Rajaretnam, 2017). On severely compromise webservers, there is a chance of delivering malicious software, which then infected the visitors to the site without the owner's sound knowledge, also known as a drive-by download. Dealing with a compromised or vulnerable website affect several ways. It will hamper the reputation and integrity of an organisation which ultimately affects the business in a big way.

The security vendors based in Australia were trying their best to prevent these kinds of malicious hackers from operating in Australia, and whereby they put millions of data at risk.

Code of Ethics of Australian Computer Society
According to the ethics of ACS, one has to behave professionally and exhibit integrity in dealings with clients, employers, students and, at last, the community in general. According to the argument of Seebeck (2020), an individual has to work diligently for the clients and the employers. An individual also requires to be honest in skills, knowledge management, products and services. Even one has to increase the honesty computing profession and needs to have mutual respect.

The criteria mentioned above regarding the ethics of ACS applies to individual work professional. The list is not necessarily exhaustive (Srinivas, Das & Kumar, 2019).The standard code of conduct's primary aim is to provide more details and make more sophisticated the behaviours in particular. The ACS admits that the standards are good and sometimes not always possible to achieve at all times. In practicality, it is not always possible to maintain an objective standard about behaviour ethics. The explanation of unethical and ethical behaviour needs some form of subjectivity. A member is bound to consider the entire code to solve ambivalent problems linking to ethical issues. The member is also responsible to other members to determine what is ethical and what is not in specific circumstances.

According to the ethical principles of ACS, the Rogue organisation was seen in complete violation of the ethical code of conduct, where it is expected to abide by it. The organisation named Rogue openly violated Australia's conduct rules and policy by promoting malicious operator to continue their business without caring for legislative action (Slay,& Austin, 2018). While various security vendors of Australia wanted to comply with the guideline and policies as laid down by ACS

So, security vendors started protesting against Rogue for participation in the electronic system's illegal and unethical practices. So collaborative efforts from various security vendors working with various government bear some positive results. It mainly consists of releasing a worm into Rogue’s system network (Stuparu,2020). The openly denying of attack by Rogue pull it off from the online market eliminates most of the data file kept with ISP during this process. As a result, most of Rogues clients were severely affected by it. This kind of action immediately drops the traffic rate of botnets and spam quite considerably. Apart from this, several kinds of ransomware also ceased to exist.

Recommendations
URL shortening used by cyber-criminals which ultimately leads to phishing websites by hiding URL. Example Wikipedia and Reddit strongly discourage URL shortening from preventing disguise criminals from getting into the system. Other system providers should come forward and implement these to prevent cyber fraud.

To increase and provide support to digital products across the country, there is also a vast requirement to invest in development and research. There needs to be a proactive approach from the government's sides to invest significantly in technology, science, mathematics and engineering (STEM) R&D and education.

Both the sector private and public design technologies that are robust so that their legal usage is hardly faced any constraints, but illegal use needs to be prevented in any form. The governments also require to come forward with a scheme to provide incentives to the public sector to bring innovation in cyberspace security.

Handy measure against harmful spam to make machine learning that regularly checks the Internet the mail contents, suspicious URL, attachments and it can identify suspicious URL and mails with the help of socially engineered mail known as blacklists.

Conclusion
From the present study, it has been found out that Rogue, an organisation, was operating and practices in an illegitimate way. As because of this, honest business enterprises getting hampered while this malicious virus is getting into individuals' system, thereby jeopardizing the entire people privacy and data files at risk. Further research is also required to formulate robust strategies for suppressing cyber theft in the upcoming time. Besides this, the government and various multinational companies in Australia require to come forward to provide training and necessary assistance to individuals so that these challenges can be handled with severe legal actions. With proper planning and implementation, it is expected to handle cybersecurity threat.

References
Broadhurst, R. (2017). Cybercrime in Australia. In The Palgrave Handbook of Australian and New Zealand Criminology, Crime and Justice (pp. 221-235). Palgrave Macmillan, Cham.

Fowler, S., Sweetman, C., Ravindran, S., Joiner, K. F., & Sitnikova, E. (2017). Developing cyber-security policies that penetrate Australian defence acquisitions. Australian Defence Force Journal, (202), 17-26. https://search.informit.org/doi/pdf/10.3316/informit.043016288670646

Ladewig, J. C. (2018). Australia's readiness for a complex cyber-catastrophe. Australian Army Journal, 14(2), 57-78. https://search.informit.org/doi/pdf/10.3316/informit.344436178524413

Mikolic-Torreira, I., Snyder, D., Price, M., Shlapak, D., Beaghley, S., Bishop, M., ... & Westerman, E. (2017). Exploring Cyber Security Policy Options in Australia. RAND CORP ARLINGTON VA ARLINGTON United States. https://apps.dtic.mil/sti/pdfs/AD1085732.pdf

Molnar, A., Parsons, C., & Zouave, E. (2017). Computer network operations and ‘rule-with-law’in Australia. Internet policy review, 6(1), 1-14. http://dro.deakin.edu.au/eserv/DU:30091979/molnar-computernetweorkoperation-2017.pdf

Rajaretnam, T. (2017). Cyber security: should Australian businesses rethink their data governance practices and cyber security strategies?. In The Australasian Law Teachers Association Annual Conference, 5-8 July 2017, Adelaide, Australia. https://researchdirect.westernsydney.edu.au/islandora/object/uws:47579/

Seebeck, L. (2020). Digital Technology, Cyber Security, and the Public Service Challenge in Australia. The Palgrave Handbook of the Public Servant, 1-16. https://link.springer.com/content/pdf/10.1007/978-3-030-03008-7_115-1.pdf

Slay, J., & Austin, G. (2018, March). Development in Training and Education for Australian Cyber Security: Filling the Gaps. In Journal of The Colloquium for Information Systems Security Education (Vol. 5, No. 2, pp. 27-27). https://cisse.info/journal/index.php/cisse/article/download/80/CISSE_v05_i02_p04.pdf

Srinivas, J., Das, A. K., & Kumar, N. (2019). Government regulations in cyber security: Framework, standards and recommendations. Future Generation Computer Systems, 92, 178-188.